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DETAILED ACTION 

1. This application has been examined. Claims 1-29 are presented for examination. 

Priority 

2. No priority claims have been made. 

3. The effective filing date for the subject matter defined in the pending claims in 
this application is 12/10/2001. 

Information Disclosure Statement 

4. An initialed and dated copy of Applicant's IDS form 1449, Paper No. 03/12/2002, 
is attached to the instant Office action. 

Claim Objections 

5. Claim 22 is objected to because of the following informalities: "An apparatus 
allowing for automatic detection of network devices located in a 20 communications 
path " should read "an apparatus allowing for automatic detection of network devices 
located in a communications path ". 

6. Appropriate correction is required. 

Claim Rejections - 35 USC § 112 

7. The following is a quotation of the second paragraph of 35 U.S.C. 1 12: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 

8. Claims 1-14 rejected under 35 U.S.C. 112. second paragraph, as being indefinite 
for failing to particularly point out and distinctly claim the subject matter which applicant 
regards as the invention. 
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9. Regarding claim 1 , the phrase "and/or" renders the claim indefinite because it is 
unclear whether the limitations following the phrase are part of the claimed invention. 
See MPEP§ 2173.05(d). 

10. Regarding claims 2-14. these claims depended upon a rejected claim and thus 
are also rejected. 

11. For examining purposes, "and/or" will read "and" to enable the limitations 
following the phrase to be part of the claimed invention. 

Claim Rejections - 35 USC § 103 

12. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

13. Claims 1-29 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Acharya et al. (U.S. Patent Number 6,829,709), hereinafter referred to as Acharya in 
view of Weldon et al. (U.S. Patent Number 6,366,563), hereinafter referred to as 
Weldon. 

14. Regarding claim 1 , Acharya disclosed a method allowing for dynamic detection of 
network devices located along a communications path that include compatible 
transformation tunnel capabilities (column 3 line 66-column 4 line 9, column 4 lines 45- 
51 , column 5 lines 30-48), at least one of the network devices operative to recognize 
probe requests and transmit a probe response including transformation tunnel 
capabilities in response to the probe request (column 2 lines 16-36, column 4 lines 52- 
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65, column 5 lines 30-48, column 8 lines 54-65), the method comprising the steps of: 
identify network devices having compatible transformation tunnel capabilities (column 2 
lines 16-36, column 5 lines 30-48, column 7 lines 29-40); and, if a network device is 
identified, transforming subsequent data flows, and subsequent packets in the first data 
flow, to the destination host from a first state to a second state and tunneling the data 
flows to the identified network device (column 2 lines 16-36, column 4 lines 1-10, lines 
52-65, column 5 lines 30-48). 

15. Acharya taught the invention substantially as claimed. However, Acharya did not 
expressly teach a method of detecting a first data flow to a destination host and probing 
the path to the destination host to identify network devices having compatible 
transformation tunnel capabilities. 

1 6. Acharya suggested exploration of art and/or provided a reason to modify the 
method of Acharya with probing feature to identify network devices along the 
communication path (column 2 lines 17-27, column 8 lines 48-65). 

17. Weldon disclosed a method of detecting a first data flow to a destination host and 
probing the path to the destination host to identify network devices having compatible 
transformation tunnel capabilities (Figure 2 signs 204, 207, column 4 lines 16-31, 
column 5 lines 25-55). 

18. It would have been obvious to one of ordinary skill in the art at the time of the 
invention was made to modify the method of Acharya with the teachings of Weldon to 
include the probing the communication path feature in order to offer flexibility and 
scalability features that would allow for independent upgrading and maintenance of the 
shared network since network operators do not need to manually secure IPSec tunnels 
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for each of the IP nodes required to cx)mmunication over the network (Weldon, column 6 
lines 54-67). 

19. Regarding claim 2, Weldon disclosed a method wherein the probing step 
comprises the steps of transmitting a probe request to the destination host; and 
receiving a probe response from a network device in the path to the destination host 
(column 3 lines 3-27, column 5 lines 37-55). 

20. Regarding claim 3, Acharya disclosed a method further comprising the step of 
transforming, at the identified network device, the data flows from the second state 
[transformation] to a third state [inverse transformation]; and transmitting the data flows 
to the destination host (column 4 lines 45-51, column 5 lines 30-40). 

21 . Regarding claim 4, Acharya disclosed a method wherein the third state is 
substantially the same as the first state [re-transformation] (column 4 lines 45-51 , 
column 5 lines 30-40). 

22. Regarding claim 5, Weldon disclosed a method wherein the probing step is 
conditioned on detection of a threshold level of activity associated with the destination 
host (column 4 lines 16-31, column 11 lines 21-42). 

23. Regarding claim 6, Weldon disclosed a method wherein the threshold level of 
activity comprises a minimum number of data flows to the destination host over an 
analysis interval (column 11 lines 21-42). 

24. Regarding claim 7, Weldon disclosed a method wherein the threshold level of 
activity comprises a minimum number of bytes transmitted to the destination host over 
an analysis interval (column 1 1 lines 21-42). 
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25. Regarding claim 8, Weldon disclosed a method wherein the threshold level of 
activity comprises a minimum average data flow rate associated with the destination 
host over an analysis interval (column 1 1 lines 21-42). 

26. Regarding claims 9-10, Weldon disclosed a method further comprising the step 
of selecting the network device furthest along the path to the destination host, if a 
plurality of network devices are identified in the probing step (column 3 lines 36-53, 
column 11 line 65-column 12 line 14). 

27. Regarding claim 1 1 , Acharya disclosed a method wherein the responding 
network devices transmit probe responses in response to probe requests, wherein the 
probe responses are TCP/IP packets including a predefined Time-To-Live value; and 
the selecting step is determined on the basis of the Time-To-Live values of the probe 
responses transmitted by the plurality of network devices (column 7 line 62-column 8 
line 22). 

28. Regarding claim 12, Acharya disclosed a method wherein the transforming step 
comprises compressing data associated with the data flows in a format the identified 
network device can decompress (column 1 lines 26-30, column 4 lines 1-9, lines 45-51). 

29. Regarding claim 13, Acharya disclosed a method wherein the transforming step 
comprises caching data associated with the data flows [servers, routers, firewalls, etc. 
were well-known devices at the time of the invention was made to have caching 
functionalities] (column 3 line 66-clumn 4 line 9). 

30. Regarding claim 14, Acharya disclosed a method wherein the transforming step 
comprises encrypting data associated with the data flows in a format the identified 
network device can decrypt (column 1 lines 26-30, column 4 lines 1-9, lines 45-51). 
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31 . Regarding claim 1 5, Acharya and Weldon combined disclose a method allowing 
for optimization of communications paths associated with a computer network by 
dynamic detection of network devices located along a communications path that include 
compatible transformation tunnel capabilities (Acharya, column 3 line 66-column 4 line 
9, column 4 lines 45-51, column 5 lines 30-48), at least one of the network devices 
operative to recognize probe requests and transmit a probe response including 
transformation tunnel capabilities in response to the probe request (Acharya, column 2 
lines 16-36, column 5 lines 30-48, column 7 lines 29-40), the method comprising the 
steps of: detecting a data flow to a destination host; if the path to the destination host 
has not been probed, then probing the path to the destination host to identify network 
devices having compatible transformation tunnel capabilities (Weldon, Figure 2 signs 
204, 207, column 4 lines 16-31, column 5 lines 25-55); and, associating a network 
device identified in the probing step with the destination host; and, if a network device is 
associated with a destination host, transforming data flows to the destination host from 
a first state to a second state and tunneling the data flows to the associated network 
device (Acharya, column 2 lines 16-36, column 4 lines 1-10, lines 52-65, column 5 lines 
30-48). 

32. Regarding claims 16-21 , the limitations of these claims are similar to the claimed 
limitations of claims 2-5 and 10-11, and thus these claims are rejected using the same 
rationale. 

33. Regarding claim 22, Acharya and Weldon combined disclose an apparatus 
allowing for automatic detection of network devices located in a communications path 
that include compatible transformation tunnel capabilities (Acharya, column 3 line 66- 
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column 4 line 9, column 4 lines 45-51 . column 5 lines 30-48). comprising: a packet 
processor operably connected to a computer network to monitor data flows traversing 
communication paths associated with the computer network to respective destination 
hosts (Weldon, Figure 2, column 5 lines 25-55); a transformation tunnel mechanism 
including transformation tunnel capabilities operative to transform data flows from a first 
state to a second state (Acharya, column 2 lines 16-36, column 4 lines 1-10, lines 52- 
65, column 5 lines 30-48); wherein the transformation tunnel mechanism is further 
operative to establish a tunnel with a network device having compatible transformation 
tunnel capabilities located in a communications path associated with the computer 
network (Acharya, column 4 lines 36-51, column 5 lines 30-48); a probe module 
operative to probe for network devices along communications paths to destination hosts 
that include compatible transformation tunnel capabilities in response to data flows 
detected by the packet processor (Weldon, Figure 2, column 5 lines 25-55); wherein the 
probe module is operative to associate destination hosts with respective network 
devices along communication paths thereto having compatible transformation tunnel 
capabilities (Weldon, column 5 lines 25-55); wherein the packet processor is further 
operative to channel data flows to the transformation tunnel mechanism, wherein the 
channeled data flows are bound for destination hosts associated with network devices 
identified by the probe module (Weldon, Figure 2, column 5 lines 25-55; Acharya, 
column 5 lines 30-48); 

34. Regarding claim 23, Weldon disclosed an apparatus wherein the probe module is 
operative to transmit probe requests along communication paths to destination hosts in 
response to new data flows, and wherein the probe request causes compatible network 
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devices along the path to communicate transformation tunnel capabilities to the 
apparatus (column 5 lines 38-55, column 2 lines 47-67, column 10 lines 41-50). 

35. Regarding claim 24, Weldon disclosed an apparatus wherein the packet 
processor is operative to identify new destination hosts associated with data flows and 
store the computer network address of the destination host in a database (Figure 6 sign 
S607, column 3 lines 3-27. column 5 lines 25-37). 

36. Regarding claim 25, Weldon disclosed an apparatus wherein the probe module 
stores network devices having compatible transformation tunnel capabilities in the 
database in association with corresponding destination hosts (Figure 6 sign S607, 
column 3 lines 3-27, column 5 lines 25-37). 

37. Regarding claim 26, Acharya disclosed an apparatus further comprising a traffic 
class engine operative to classify data flows traversing the packet processor into one of 
a plurality of traffic types; wherein traffic types associated with data flows are operative 
to condition the operation of the probe module with respect to the destination hosts 
associated with such data flows (column 1 lines 26-47, column 4 lines 45-51, column 5 
lines 30-48). 

38. Regarding claim 27, Acharya disclosed an apparatus further comprising a traffic 
class engine operative to classify data flows traversing the packet processor into one of 
a plurality of traffic types; wherein the traffic types associated with the data flows are 
operative to condition the channeling of such data flows to the transformation tunnel 
mechanism (column 1 lines 26-47, column 4 lines 45-51, column 5 lines 30-48). 

39. Regarding claim 28, Weldon disclosed an apparatus wherein traffic types 
associated with data flows are further operative to condition the operation of the probe 
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module with respect to tlie destination hosts associated with such data flows (column 5 
lines 25-37). 

40. Regarding claim 29, the system corresponds to the apparatus of claim 22, and 
thus these claims are rejected using the same rationale. In addition, Acharya disclose a 
system wherein at least one network device operably connected to the computer 
network (Figures 1-2), wherein the network device comprises a transformation tunnel 
mechanism including at least one transformation tunnel capability (column 4 lines 1-10, 
column 5 lines 30-48); wherein the network device is operative to communicate 
transformation tunnel capabilities to the tunnel probing device in response to probe 
requests (column 4 lines 36-51, column 5 lines 30-48). 

41 . Since ail the limitations of the claimed invention were disclosed by the 
combination of Acharya and Weldon, claims 1-29 are rejected. 

Conclusion 

42. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. 

a. Lothberg et al. (U.S. Patent Number 6,804,776) titled "Method for 
universal transport encapsulation for Internet Protocol network communications" 
disclosed a method for implementing a simple protocol that can be used to create 
high speed Internet Protocol (IP) tunnels for transmitting a variety of different 
payloads across a network. Payload packets may comprise any currently known 
packet protocol. The universal transport interface protocol consists of a 
predefined set of mappings whereby any known protocol can be packaged Into a 
single, conceptually simple packet format. 
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b. Brownell (U.S. Patent Number 6,754,831) titled "Autlienticated firewall 
tunneling framework" disclosed a method and apparatus for managing network 
access to internal hosts protected by a firewall. A user on an external host logs in 
into a firewall. Once the user has been authenticated to the firewall, a session is 
established for the user, and tunnel configuration is transmitted to the user's 
process on the external host. The tunnel configuration data indicates the 
configuration of at least one tunnel for connecting to at least one intemal host 
protected by the firewall. When creating a socket for connecting to the internal 
host, the socket is configured based on the tunnel configuration data. 

43. Refer to the enclosed PTO-892 for details and complete listing of other pertinent 

prior art of record. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Tam (Jenny) Phan whose telephone number is (571 ) 
272-3930. The examiner can nomrially be reached on M-F 9:00-5:00. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, William Cuchlinski can be reached on (571) 272-3925. The fax phone 
number for the organization where this application or proceeding is assigned is 703- 
872-9306. 

Any inquiry of a general nature or relating to the status of this application or 
proceeding should be directed to the receptionist whose telephone number is (703) 305- 
3900. 

Infonnation regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
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published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-21 7-91 97 (toll-free). 
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SPE 
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